FTC Says Listen Up When Vulnerability Reports Come In

FTC Says Listen Up When Vulnerability Reports Come In

The FTC wants companies to listen. More precisely, the FTC wants companies to pay attention to and promptly to respond to reports of security vulnerabilities. That’s a key takeaway from the Commission’s recent settlement with ASUSTek (“ASUS”). In its complaint against the Taiwanese router manufacturer, the FTC alleged that ASUS misrepresented its security practices and failed to reasonably secure its router software. The Commission cited the company’s alleged failure to address vulnerability reports as one of the its primary concerns. The settlement reiterates the warnings contained in the FTC’s recent Start with Security Guide and prior settlements with HTC America and Fandango: the FTC expects companies to implement adequate processes for receiving security vulnerability reports and addressing them within a reasonable time.

Interested in Sponsoring Content?

This site does NOT accept sponsored posts or articles. If you ignore this and send me inquiries about how your high-level article on cottage cheese would be a wonderful addition to this site, I will ignore your inquiries.